Research On Privacy Preserving Data Integrity Checking In Cloud

Since the concept of cloud computing has been proposed,IT industry has generated great interest in this.Cloud computing,as a new business model,uses the Internet to provide users with the required resources and information services in an on-demand and scalable manner.In the cloud computing model,users can reduce the capital expenditures of hardware,software and services,because only pay for the resources they use,and you can access data anywhere in the network.Cloud storage is an emerging service that puts storage resources on the cloud for people to access,it's a very important and common form of cloud computing(e.g.iCloud,Amazon S3,Dropbox).Users can access data conveniently on the cloud at anytime and anywhere,connected to the cloud through any network-enabled device.As cloud servers are storing a lot of important information of users,and users lose the ability to control data directly on the cloud,cloud servers have already become the targets of hackers.Thus,the security of the cloud server directly affects the security of the user's data.At the same time,the cloud server is also not reliable.In order to save storage space,it may lose some data that users seldom access or hardly access,and may also hide data loss in order to maintain their reputation.In general,cloud storage brings to convenience to users at the same time there are some security risks.Therefore,how to detect the integrity of the data stored on the cloud server is the most concern to users.The data integrity checking of the traditional method is downloaded all users of the data from the server,and then verify the integrity of the data,while the traditional method can accurately verify the cloud data integrity,but this method is not only largely occupied bandwidth and not suitable to cloud computing.At present,many researchers have proposed data integrity checking methods for cloud environment based on different problems.However,with the development and research of technology,many data integrity checking methods are not perfect,thus security will also be affected.on the one hand,in order to reduce the extra certificate authentication cost and the system needs heavy public key certificate management,an identity-based dataintegrity detection scheme has been proposed,but the user's identity privacy and data privacy are not considered during the introduction of the verifier.On the other hand,the user's anonymity needs to be realized in the case of data sharing,but the traditional signature method does not meet the needs of data sharing.This dissertation is to solve the problems mentioned above.Two privacy preserving data integrity checking schemes in cloud storage are proposed.The first one is about identity privacy and data privacy in identity-based data integrity checking.The second one is about identity privacy and large group of user in data sharing.The main research work is as follows.(1)We present an identity-based strong privacy preserving data integrity checking protocol in cloud.First,the protocol uses identity-based signature technology to reduce the complexity of public key certificate management and verification,thus improving the computation and communication cost of the system.Then,the user's identity privacy is protected by the ring signature technology.The verifier in the integrity checking process requires multiple users' public key to verify,which makes the verifier not get the real identity of the user.At the same time,the data privacy is protected by random mask technology,so that verifier cannot obtain the data stored in the cloud server when performing multiple challenging tasks.Finally,the protocol is proved to be secure under the random oracle model,and the simulation results show that the protocol is acceptable in real environment.Compared with the existing protocol,the proposed protocol improves security and reduces the cost of the system's public key certificate management and computing.(2)We present an attribute-based privacy preserving data integrity checking protocol in cloud.First,the protocol is applied to data sharing,and using attribute signature technology to protect the user's identity privacy.The verifier can only obtain the signature-related information during the integrity checking procedure,and cannot obtain other information of user,so the user anonymity is achieved.And the data privacy is protected by random mask technology.Then,using a threshold secret sharing scheme to extract the user identity from the private key of the damaged data block,using Lagrange interpolation to derive a secret value to determine whether the user is a malicious user,thus enabling the traceability of malicious users.Then,using a threshold secret sharing scheme to extract the user identity from the private key,using Lagrange interpolation to derive a secret value to determine whether the user is a malicious user,thus enabling the traceability of malicious users.Finally,the security analysis proves that this protocol is secure,and the performance analysis proves that the protocol is effective in practice.Compared with the existing protocols,this paper protects identity privacy while protecting data privacy,this paper not only applies to large group but also achieves public verification,and can achieve traceability.